Great Circle Associates List-Managers
(January 1996)

Indexed By Date: [Previous] [Next] Indexed By Thread: [Previous] [Next]

Subject: forgery rejection
From: Al Gilman <asgilman @ access . digex . net>
Date: Sun, 28 Jan 1996 22:07:27 -0500 (EST)
To: outings @ netcom . com (Steve Outing)
Cc: List-Managers @ GreatCircle . COM
In-reply-to: <ad317fef01021004f5b4 @ [192 . 0 . 2 . 1]> from "Steve Outing" at Jan 28, 96 02:10:19 pm

  From: outings @
 netcom .
 com (Steve Outing)
  Is there any way to prevent forged subscriptions? 

The CW would seem to be that twice-around subscription protocols,
which send a magic cookie to the to-be-subscribed address, and do
not permanently enroll the addressee until said magic cookie has
been returned as a confirmation of the request to enroll, are the
known way to defeat subscription forgeries (most of the time).

Even these confirmation-request messages could be spammed into
quite a mailbomb, :-<

See in the archives under the "3rd party auto-reply ..." thread
for a recent flurry touching on this issue.

Al Gilman

Indexed By Date Previous: Length of .sigs
From: Daniel Pfarrer <gsp @ village . ios . com>
Next: Re: Length of .sigs
From: Brock Rozen <brozen @ netvoyage . net>
Indexed By Thread Previous: Re: are at it again
From: outings @ netcom . com (Steve Outing)
Next: Re: are at it again
From: PMDAtropos @ aol . com

Search Internet Search